apache2 2.4.38-2ubuntu2.2 source package in Ubuntu
Changelog
apache2 (2.4.38-2ubuntu2.2) disco-security; urgency=medium * SECURITY UPDATE: HTTP/2 internal data buffering denial of service. - d/p/mod_http2-1.15.4-backport-0004-CVE-2019-9517.patch: improve http/2 module keepalive throttling. - CVE-2019-9517 * SECURITY UPDATE: Upgrade request from http/1.1 to http/2 crash denial of service (LP: #1840188) - d/p/mod_http2-1.14.1-backport-0001-Merge-r1852038-r1852101-from-trunk-CVE-2019-0197.patch: re-use slave connections and fix slave connection keepalives counter. - CVE-2019-0197 * SECURITY UPDATE: mod_http2 memory corruption on early pushes - included in mod_http2 1.15.4 backport - CVE-2019-10081 * SECURITY UPDATE: read-after-free in mod_http2 h2 connection shutdown. - included in mod_http2 1.15.4 backport - CVE-2019-10082 * SECURITY UPDATE: mod_remoteip: Stack buffer overflow and NULL pointer dereference. - d/p/CVE-2019-10097.patch: add better sanity checks. - CVE-2019-10097 * SECURITY UPDATE: Limited cross-site scripting in mod_proxy error page. - d/p/CVE-2019-10092-1.patch: Remove request details from built-in error documents. - d/p/CVE-2019-10092-2.patch: Add missing log numbers. - d/p/CVE-2019-10092-3.patch: mod_proxy: Improve XSRF/XSS protection. - CVE-2019-10092-1 * SECURITY UPDATE: mod_rewrite potential open redirect - d/p/CVE-2019-10098.patch: Set PCRE_DOTALL by default. - CVE-2019-10098 * Backport mod_http2 v1.14.1 and v1.15.4 for CVE-2019-9517, CVE-2019-10081, and CVE-2019-10082 fixes: - add d/p/mod_http2-1.14.1-backport-*.patches and d/p/mod_http2-1.15.4-backport-*.patches -- Steve Beattie <email address hidden> Mon, 26 Aug 2019 06:31:40 -0700
Upload details
- Uploaded by:
- Steve Beattie
- Uploaded to:
- Disco
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- httpd
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
apache2_2.4.38.orig.tar.gz | 8.8 MiB | 38d0b73aa313c28065bf58faf64cec12bf7c7d5196146107df2ad07541aa26a6 |
apache2_2.4.38-2ubuntu2.2.debian.tar.xz | 1.0 MiB | 982d9cbdaf27da9bd1ed84abcc483074308d7f55f2591c5a2bd20c438f53c916 |
apache2_2.4.38-2ubuntu2.2.dsc | 3.3 KiB | 468e2fa2aeb7967a3b84ab4d5801d1bc5a920009cc6a1e512e85c73a68de9cec |
Available diffs
- diff from 2.4.38-2ubuntu2.1 to 2.4.38-2ubuntu2.2 (723 bytes)
Binary packages built by this source
- apache2: No summary available for apache2 in ubuntu disco.
No description available for apache2 in ubuntu disco.
- apache2-bin: No summary available for apache2-bin in ubuntu disco.
No description available for apache2-bin in ubuntu disco.
- apache2-bin-dbgsym: No summary available for apache2-bin-dbgsym in ubuntu disco.
No description available for apache2-bin-dbgsym in ubuntu disco.
- apache2-data: No summary available for apache2-data in ubuntu disco.
No description available for apache2-data in ubuntu disco.
- apache2-dev: No summary available for apache2-dev in ubuntu disco.
No description available for apache2-dev in ubuntu disco.
- apache2-doc: No summary available for apache2-doc in ubuntu disco.
No description available for apache2-doc in ubuntu disco.
- apache2-ssl-dev: No summary available for apache2-ssl-dev in ubuntu disco.
No description available for apache2-ssl-dev in ubuntu disco.
- apache2-suexec-custom: No summary available for apache2-suexec-custom in ubuntu disco.
No description available for apache2-
suexec- custom in ubuntu disco.
- apache2-suexec-custom-dbgsym: No summary available for apache2-suexec-custom-dbgsym in ubuntu disco.
No description available for apache2-
suexec- custom- dbgsym in ubuntu disco.
- apache2-suexec-pristine: No summary available for apache2-suexec-pristine in ubuntu disco.
No description available for apache2-
suexec- pristine in ubuntu disco.
- apache2-suexec-pristine-dbgsym: No summary available for apache2-suexec-pristine-dbgsym in ubuntu disco.
No description available for apache2-
suexec- pristine- dbgsym in ubuntu disco.
- apache2-utils: No summary available for apache2-utils in ubuntu disco.
No description available for apache2-utils in ubuntu disco.
- apache2-utils-dbgsym: No summary available for apache2-utils-dbgsym in ubuntu disco.
No description available for apache2-
utils-dbgsym in ubuntu disco.
- libapache2-mod-md: No summary available for libapache2-mod-md in ubuntu disco.
No description available for libapache2-mod-md in ubuntu disco.
- libapache2-mod-proxy-uwsgi: No summary available for libapache2-mod-proxy-uwsgi in ubuntu disco.
No description available for libapache2-
mod-proxy- uwsgi in ubuntu disco.